Artificial Intelligence-based Quantified Cyber Defense Control Model

Organization Name

Unknown Organization

Inventor(s)

Grant Bourzikas of O Fallon IL (US)

Artificial Intelligence-based Quantified Cyber Defense Control Model - A simplified explanation of the abstract

This abstract first appeared for US patent application 20240314158 titled 'Artificial Intelligence-based Quantified Cyber Defense Control Model

The present disclosure outlines a system and method designed to predict the likelihood of a future cybersecurity breach by utilizing a quantified cyber defense control (QCDC) model. This model takes into account various factors such as cyber controls structure, control type, control coverage, control strength, validation frequency, attack paths, threat intelligence, threat actors, attack tactics and techniques, and subject matter expertise control structure.

• The QCDC model includes a Cyber Defense & Mitigation Model (CDMM) to identify potential attacks that could be carried out against the target by an attacker.
• It also incorporates a Cyber Attack Threat Exposure Model (CATE) to analyze a threat actor's past, present, and future attack pathways against the target.
• The output of the QCDC model provides insights into the most probable attack against the target and suggests corresponding mitigating defenses.

Potential Applications: - Enhancing cybersecurity measures for organizations and businesses. - Improving threat detection and response strategies. - Strengthening overall defense mechanisms against cyber attacks.

Problems Solved: - Predicting and preventing cybersecurity breaches. - Identifying vulnerabilities in existing defense systems. - Streamlining cybersecurity processes for optimal protection.

Benefits: - Proactive approach to cybersecurity. - Enhanced risk management. - Increased resilience against cyber threats.

Commercial Applications: Title: "Advanced Cybersecurity Risk Prediction System" This technology can be utilized by cybersecurity firms, government agencies, financial institutions, and any organization looking to bolster their digital security measures. It can also be integrated into existing cybersecurity platforms to enhance threat intelligence capabilities and improve overall defense strategies.

Questions about the technology: 1. How does the QCDC model differ from traditional cybersecurity risk assessment methods? 2. What sets the CDMM and CATE models apart in predicting cyber threats and vulnerabilities?

Original Abstract Submitted

the present disclosure describes a system and a method that are configured to model probability of risk for future cybersecurity breach of a target by using a quantified cyber defense control (qcdc) model configured to receive data associated with cyber controls structure, control type control coverage, control strength, validation frequency, attack paths, threat intelligence, threat actors, attack tactics and techniques, and subject matter expertise control structure. the qcdc model includes a cyber defense & mitigation model (cdmm) configured to determine all available attacks that can be executed against the target by an attacker, and a cyber attack threat exposure model (cate) configured to model a threat actor's previous attack pathways, current attack pathways, and future attack pathways against the target. the qcdc model is configured to generate an output indicative of the most likely attack against the target and associated mitigating defenses.